How do you defend your network using a blacklist when the data is constantly changing? Fuzzy logic can identify near-matches for field values by calculating a string similarity score using algorithms like Levenshtein. This can be done in Splunk with the help of a FREE app. Come learn all about Fuzzylookup with legendary Splunk User J.R. Murray!
About this event
How do you defend your network using a blacklist when the data is constantly changing? Adversaries can easily obscure data with small changes, and blacklisting is suddenly useless... until now. Fuzzy logic can identify near-matches for field values by calculating a string similarity score using algorithms like Levenshtein. Now your blacklist entry for johnny123@badactor.ru could match similar values like john123@badactor.ru or johnny000@badactor.ru. Join us to take a deep dive into the app that makes this possible on a larger scale, Fuzzylookup.
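The near-match scoring described above, as an added example (not Fuzzylookup's code or the speaker's): Levenshtein distance normalised to a 0-1 similarity and applied to the sample addresses from this page. The normalisation formula, the 0.8 threshold, the function names, the second blocklist entry and the event values are assumptions made for illustration.

```python
# Added example: Levenshtein near-matching of field values against a blocklist.
# Threshold and normalisation are assumptions, not Fuzzylookup's defaults.

def levenshtein(a: str, b: str) -> int:
    """Edit distance (insert, delete, substitute at cost 1), two-row DP."""
    if len(a) < len(b):
        a, b = b, a                      # keep the DP row as short as possible
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # drop ca
                           cur[j - 1] + 1,             # drop cb
                           prev[j - 1] + (ca != cb)))  # substitute or keep
        prev = cur
    return prev[-1]

def similarity(a: str, b: str) -> float:
    """1.0 for identical strings, 0.0 for nothing in common; case-insensitive."""
    a, b = a.lower(), b.lower()
    longest = max(len(a), len(b))
    return 1.0 if longest == 0 else 1 - levenshtein(a, b) / longest

def fuzzy_match(value, blocklist, threshold=0.8):
    """Best-scoring blocklist entry as (entry, score), or None below threshold."""
    best = max(((e, similarity(value, e)) for e in blocklist),
               key=lambda pair: pair[1], default=None)
    return best if best and best[1] >= threshold else None

def scan(events, blocklist, threshold=0.8):
    """Return (value, matched_entry, score) for every event value that matches."""
    hits = []
    for value in events:
        match = fuzzy_match(value, blocklist, threshold)
        if match:
            hits.append((value, match[0], round(match[1], 3)))
    return hits

# First entry is the page's example; the second is constructed.
BLOCKLIST = ["johnny123@badactor.ru", "billing@phish.example"]
# Constructed sample field values, as they might appear in a sender field.
EVENTS = ["john123@badactor.ru", "johnny000@badactor.ru", "alice@example.com"]

if __name__ == "__main__":
    for value, entry, score in scan(EVENTS, BLOCKLIST):
        print(f"{value!r} ~ {entry!r} (similarity {score})")
```

The threshold is the tuning knob: lowering it catches more variants of a blocked value but also raises the chance that an unrelated value scores as a match.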
Speaker
J.R. Murray
deductiv
Managing Principal
Mr. Murray is an accomplished leader, cybersecurity guru, and data analytics expert who is recognized by his peers for outstanding technical ability and innovative thinking. Having managed a SOC at a large firm and the Splunk professional services practice at Gemini Data, he now owns and operates deductiv (a Splunk reseller, integrator, and managed services provider). His technical strengths are in designing, architecting, and building custom solutions. J.R. is passionate about sustainability, making things, and solving tough problems. J.R. began working with Splunk Enterprise in 2015 and is credited with authoring and contributing to many Splunk apps, several of which live on Splunkbase. Noteworthy Splunk projects include KV Store Tools Redux, Event Push, and Fuzzylookup. He has also worked extensively on custom fraud analytics use cases and applying cybersecurity techniques to eCommerce data.
Gregg Woodcock is a gun-toting, Christian, homeschooling father of three whose 30+ years of IT experience (primarily in Telecom) and early adoption of Splunk (v3) have positioned him on the leading edge of the Big Data explosion and uniquely qualified him to launch "Splunxter", a Splunk-focused professional services and contracting company headquartered in the Dallas area. He is the founder and chairman of the Dallas-area Splunk User Group, a two-time speaker at "Splunk Live!", a twice-invited speaker for LTE North America, an Instructor with Global Big Data Boot Camps, occasional street-preacher, and the current Chairman of the Constitution Party of Texas. He is a genuine evangelist of all the best things in life and that of course includes Splunk!